May 23, 2018

How to Prepare for a Cyber Attack with Disaster Recovery

If you have a business, chances are good you backup your data and applications.

Password Security

Most small business owners think that backups and/or using cloud-based services such as Microsoft Office 365 are enough to ensure business continuity in the event of an attack.

Simply put, they aren’t, and will be targeted by hackers along with the rest of your business. While it’s a good idea to ensure that your data is being backed up properly and securely, a disaster recovery plan is the best way to ensure that your business can keep running even in the event of a cyber attack. Foresight for IT can help you with both backups and disaster recovery – they aren’t the same thing and shouldn’t be treated as such.

Very basic disaster recovery is affordable

If you think having an IT firm construct and maintain your disaster recovery plan and backups is unaffordable, think again. While it is true that the losses from having your data compromised could be substantial, that is the same argument used to sell insurance and most business owners don’t see financials that way – they are primarily concerned with monthly expenditures.

Foresight for IT will put together a plan that is affordable which will ensure that your data and apps are recoverable after an attack – the main thing affecting cost is how long you are willing to be “down” for. If you can manage a few days, then the cost is actually quite low. Instant and 24-hour response times are more expensive, but if your losses will be substantial in just a few days, they become worth it. If during our discovery process we find a hole in your backup system, or the absence of one, we can advise on that as well.

OK, but I’m sure my business is covered with our current solution (No, you’re not)

The main problem we have with getting clients to understand disaster recovery is that they tend to think disaster recovery and backup solutions are the same thing. They are not. A low-grade backup solution, such as backing up to Google Drive or even a secondary backup service, is still vulnerable to cyber attacks. Reliance on physical storage on-premise is similarly insecure, as physical storage is networked and also vulnerable to cyber threats. Disaster recovery is a replacement of your entire IT infrastructure, where backups are just backing up your data.

Another misconception lies in the use of cloud productivity suites, such as Microsoft Office 365 and G Suite. Since your business data is in the cloud, and the solution is sold as a secure one, business owners automatically think they are covered in the event of business interruption. The truth is that these solutions are common targets of ransomware attacks, and need further protection in addition to what Microsoft and Google provide.

There is also the time/expertise factor to consider – do you want Gary from accounting to try to get your business back up and running from a backup file, or do you want a trained IT disaster recovery specialist on it? Low-end backup solutions rely on you to do all the work, which you often don’t have the in-house expertise to do.

What are your solutions for disaster recovery?

We’ll come in to your business or have a phone conversation with you about what your needs are, what kind of data and applications you need to protect, how quickly you need to be back up, and so on. From there, we’ll recommend a solution that will protect your business.

Our preferred solution that we present to business owners is a local backup which takes place at certain time periods that you agree to. This is coupled with an offsite backup which we test regularly and ensure will be working in the event of an attack. These backups are segregated securely and separately in their own silos so that if there is an attack, they can be used to reconstruct your apps and data. These backups are meant for disaster recovery purposes only, and shouldn’t be relied on as your primary data backup method. We can advise on solutions for that too.

We also have solutions available to properly protect Microsoft Office 365 and G Suite. While 2-factor authentication is a good security measure for both of these productivity suites, it isn’t enough to properly secure your logins and data.

In the end, we’ll recommend a solution that will let us sleep at night knowing that your business is protected. We take your business just as seriously as we take our own, because our reputation depends on it. Contact us today to find out more about our disaster recovery and backup solutions. For more information or if you have questions about disaster recovery for your business, don’t hesitate to reach out to one of our Foresight for IT team members.

Related posts:
Why is Phishing Becoming More Frequent?
Read more chevron_right
What is Smishing?
Read more chevron_right
What is Cyber Insurance?
Read more chevron_right See all blogs chevron_right